CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-3102
https://notcve.org/view.php?id=CVE-2017-3102
Adobe Connect versions 9.6.1 and earlier have a reflected cross-site scripting vulnerability. Successful exploitation could lead to a reflected cross-site scripting attack. Adobe Connect versiones 9.6.1 y anteriores, presenta una vulnerabilidad de tipo cross-site scripting reflejado. Una explotación con éxito podría conllevar a un ataque de tipo cross-site scripting reflejado. • http://www.securityfocus.com/bid/99517 http://www.securitytracker.com/id/1038846 https://helpx.adobe.com/security/products/connect/apsb17-22.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2016-7851 – Adobe Connect 9.5.7 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2016-7851
Adobe Connect version 9.5.6 and earlier does not adequately validate input in the events registration module. This vulnerability could be exploited in cross-site scripting attacks. Adobe Connect versión 9.5.6 y versiones anteriores no valida adecuadamente entradas en el módulo de registro de eventos. Esta vulnerabilidad puede ser explotada en ataques de XSS. • https://www.exploit-db.com/exploits/40742 http://www.securityfocus.com/bid/94152 http://www.securitytracker.com/id/1037239 https://helpx.adobe.com/security/products/connect/apsb16-35.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4118
https://notcve.org/view.php?id=CVE-2016-4118
Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local users to gain privileges via unspecified vectors. Vulnerabilidad de ruta de búsqueda no fiable en el instalador en Adobe Connect Add-In en versiones anteriores a la 11.9.976.291 en Windows permite que usuarios locales obtengan privilegios mediante vectores sin especificar. • http://www.securityfocus.com/bid/90815 http://www.securitytracker.com/id/1035958 https://helpx.adobe.com/security/products/connect/apsb16-17.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-0948
https://notcve.org/view.php?id=CVE-2016-0948
Cross-site request forgery (CSRF) vulnerability in Adobe Connect before 9.5.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Vulnerabilidad de CSRF en Adobe Connect en versiones anteriores a 9.5.2 permite a atacantes remotos secuestrar la autenticación de víctimas no especificadas a través de vectores desconocidos. • http://www.securitytracker.com/id/1034978 https://helpx.adobe.com/security/products/connect/apsb16-07.html • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-0949
https://notcve.org/view.php?id=CVE-2016-0949
Adobe Connect before 9.5.2 allows remote attackers to have an unspecified impact via a crafted parameter in a URL. Adobe Connect en versiones anteriores a 9.5.2 permite a atacantes remotos tener un impacto no especificado a través de un parámetro manipulado en una URL. • http://www.securitytracker.com/id/1034978 https://helpx.adobe.com/security/products/connect/apsb16-07.html •